Industry Spotlight Broker Dealers

Financial Industry Takes Most Heat for Data Breaches: Study

News September 20, 2018 at 03:31 PM
Share & Print

Of all the industries prone to data breaches — maybe better make that of all industries, period, since hacking and other incursions have become so prevalent — the financial industry stands out, and not for a good reason.

In fact, according to a report from eMoney Advisor, financial services firms are the most susceptible to the bad publicity that results from an exposure of what should have been private data. In fact, at 5.7%, the industry has the highest abnormal churn rate — a measure of lost customers — in the U.S. economy.

And even though cyberattacks make lots of headlines, that doesn't mean that firms are prepared to ward them off. Says the report, they lack the resources, infrastructure or experience to keep them at bay.

The average financial firm breach costs nearly $7 million, while a recent report finds that in 2017, 25% of such firms were hit; in 2016, 20% of firms suffered a breach.

The purpose of data breaches can vary depending on the industry, with hackers of retail and government systems usually looking for data to sell online. Within the financial industry, hackers are typically looking to steal money or data directly from customers, eMoney says.

Some of the tricks hackers use are the business email compromise (BEC), which tricks someone in the company into sending funds to a bogus account; ransomware, shutting down a company's systems until a ransom is paid; and phishing, which is the most common in financial sector companies. Phishing emails lure the recipient into clicking on a link, attachment or website that can then infect the computer with malware.

Attacks are getting more sophisticated and more common, with the risks including having to deal with irate clients and offering free or discounted services to them, time spent dealing with the situation, reputational damage and the cost of lost customers.

Some of the measures eMoney Advisor suggests to protect data include two-factor authentication, which makes it more difficult for bad guys to gain access to client accounts; encryption, which keeps hackers from being able to make sense of data if they've hacked in directly; and backups, which can protect against ransomware by allowing companies to restore their own data.

Vendors need to be monitored and a disaster recovery plan just for cyberattacks should be in place, and companies should also be prepared to review "lessons learned" in the wake of a problem.

Last but not least, "cybersecurity hygiene" that keeps systems and security measures current and active; better training of users to avoid their being taken in by tricks; and testing security to make sure that everything is working and protected as it should be have to be on a company's list of protective measures.

Investment Strategies
NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.

Related Stories

JPMorgan Pays $151M to Settle Slate of SEC Complaints Stifel to Buy Part of B. Riley's Wealth Unit Ex-JPMorgan Advisor to Halt Client Poaching Amid Arbitration Rep Churned Senior Business Owner's Account, Violated Reg BI: FINRA Kentucky Advisor Fined Over Bourbon-Tasting Business LPL Discloses $18M Charge, but No Arnold Updates on Q3 Call

Resource Center

Why Charitable Expertise Should Be Part of Your Practice link

White Paper

Why Charitable Expertise Should Be Part of Your Practice

Generative AI Trends Among U.S. Financial Advisors and Consumers link

White Paper

Generative AI Trends Among U.S. Financial Advisors and Consumers

Tech Is the New Talent Magnet: Firms That Invest in Innovation Attract Top Advisors link

White Paper

Tech Is the New Talent Magnet: Firms That Invest in Innovation Attract Top Advisors